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AMENDMENTS TO THE CLAIMS 
This listing of claims replaces all prior versions, and listings, of claims in the application: 

1 1 . (Currently Amended) A method of dynamically protecting access to a first 

2 network, comprising: 

3 receiving, in a system, a data unit containing a source address indicating a source 

4 of a data unit; 

5 matching the source address with information stored in the system; [[and]] 

6 enabling entry of the data unit to the first network for communication to a 

7 destination device on the first network if the source address matches the information stored in the 
- 8 system and denying entry of the data unit to the first network if the source address does not 

9 match the information stored in the system, 

1 0 wherein the destination device is separate from the system; 

11 determining whether the data unit contains an identifier of a codec type that 

12 matches a stored codec type; and 

13 indicating occurrence of an attack of the first network in response to determining 

14 that the identifier is of a codec type that does not match the stored codec type . 

1 2. (Original) The method of claim 1, wherein matching the source address with the 

2 information comprises matching the source address with one or more entries of a network 

3 address translation mapping table. 

1 3. (Original) The method of claim 1, wherein matching the source address 

2 comprises matching an Internet Protocol address. 

1 4. (Cancelled) 
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1 5. (Currently Amended) A method of dynamically protecting access to a first 

2 network, comprising: 

3 receiving, in a system, a data unit containing a source address indicating a source 

4 of [[a]] the data unit; 

5 matchin g, by an address filter in the system, the source address with information 

6 stored in the system; 

7 enabling , by the address filter, entry of the data unit to the first network if the 

8 source address matches the information stored in the system and denying entry of the data unit to 

9 the first network if the source address does not match the information stored in the system; and 

10 determinin g, by a protocol filter, if the data unit contains a payload according to a 

1 1 predetermined protocol, and denyin g, by the protocol filter, entry of the data unit if the data unit 

12 does not contain payload according to the predetermined protocol. 

1 6. (Original) The method of claim 5, wherein determining if the data unit contains a 

2 payload according to the predetermined protocol comprises determining if the data unit contains 

3 a payload according to a Real-Time Protocol or Real-Time Control Protocol. 

1 7. (Previously Presented) A method of dynamically protecting access to a first 

2 network, comprising: 

3 receiving, in a system, a data unit containing a source address indicating a source 

4 of a data unit; 

5 matching the source address with information stored in the system; 

6 enabling entry of the data unit to the first network if the source address matches 

7 the information stored in the system and denying entry of the data unit to the first network if the 

8 source address does not match the information stored in the system; and 

9 storing profile information for a call session, and determining if an unauthorized 
10 access of the first network is occurring based on the profile information. 
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1 8. (Original) The method of claim 7, wherein storing the profile information 

2 comprises storing a threshold representing a maximum acceptable rate of incoming data units 

3 from an external network to the first network. 

1 9. (Original) The method of claim 8, further comprising calculating a value for the 

2 threshold based on a frame size used in the call session. 

1 10. (Original) The method of claim 8, wherein storing the profile information further 

2 comprises storing a pattern expected in incoming data units. 

1 11. (Original) The method of claim 10, wherein storing the pattern comprises storing 

2 a codec type used in the call session. 

1 12. (Original) The method of claim 8, further comprising generating an alarm if the 

2 system detects a rate of incoming data units from the external network to the first network 

3 exceeding the threshold. 

1 13. (Original) The method of claim 8, further comprising denying further transport of 

2 incoming data units from the external network to the first network for the call session if the 

3 system detects a rate of incoming data units from the external network to the first network 

4 exceeding the threshold. 

1 14.-15. (Cancelled) 
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1 16. (Currently Amended) An article comprising at least one storage medium 

2 containing instructions for protecting a first network, the instructions when executed causing a 

3 system to: 

4 determine if a rate of incoming data units from an external network to the first 

5 network exceeds a predetermined threshold in a given call session; 

6 perform a security action if the determined rate of incoming data units exceeds the 

7 predetermined threshold , wherein performing the security action comprises generating a report 

8 that an attack is occurring ; and 

9 store plural thresholds for corresponding plural call sessions. 

1 17. (Previously Presented) An article comprising at least one storage medium 

2 containing instructions for protecting a first network, the instructions when executed causing a 

3 system to: 

4 determine if a rate of incoming data units from an external network to the first 

5 network exceeds a predetermined threshold in a given call session; 

6 perform a security action if the determined rate of incoming data units exceeds the 

7 predetermined threshold; and 

8 calculate the predetermined threshold based at least in part on a frame size used in 

9 the call session. 

1 18. (Cancelled) 
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1 19. (Previously Presented) An article comprising at least one storage medium 

2 containing instructions for protecting a first network, the instructions when executed causing a 

3 system to: 

4 determine if a rate of incoming data units from an external network to the first 

5 network exceeds a predetermined threshold; 

6 perform a security action if the determined rate of incoming data units exceeds the 

7 predetermined threshold; and 

8 determine if each incoming packet has a predetermined pattern, 

9 wherein the instructions when executed cause the system to determine if each 

10 incoming packet has the predetermined pattern by checking if each incoming packet has an 

1 1 indication of a predetermined codec type. 

1 20. (Cancelled) 

1 21. (Currently Amended) A system for use in communications between a first 

2 network and an external network, comprising: 

3 a storage module to store a threshold value for a communications session, the 

4 threshold value representing an acceptable rate of incoming data units from the external network 

5 to the first network; and 

6 a controller adapted to deny further entry of data units from the external network 

7 to the first network in the communications session and to generate a report of an attack from the 

8 external network in response to the controller detecting that the rate of incoming data units 

9 exceeds the threshold value, 

10 the storage module to further store address information, wherein the controller is 

1 1 adapted to compare a source address of an incoming data unit with the address information 

12 stored in the system and to deny further entry of the incoming data unit if the source address does 

13 not match the address information stored in the system. 

1 22. (Original) The system of claim 21, wherein the address information comprises a 

2 network address translation table. 
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1 23 . (Original) The system of claim 22, wherein the network address translation table 

2 comprises a network address and port translation table. 

1 24. (Original) The system of claim 21, wherein the controller is adapted to further 

2 check if the incoming data unit contains a Real-Time Protocol or Real-Time Control Protocol 

3 payload, and to deny further entry of the incoming data unit if the incoming data unit does not 

4 contain a Real-Time Protocol or Real-Time Control Protocol payload. 

1 25. (Previously Presented) A system for use in communications between a first 

2 network and an external network, comprising: 

3 a storage module to store a threshold value for a communications session, the 

4 threshold value representing an acceptable rate of incoming data units from the external network 

5 to the first network; and 

6 a controller adapted to deny further entry of data units from the external network 

7 to the first network in the communications session in response to the controller detecting that the 

8 rate of incoming data units exceeds the threshold value, 

9 the storage module to further store a codec type for the communications session, 

10 wherein the controller is adapted to deny entry of an incoming data unit if the incoming data unit 

1 1 does not contain an indication of the codec type. 

1 26. (New) The article of claim 17, wherein performing the security action comprises 

2 generating a report that an attack is occurring. 
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